package com.blog.controller;


import java.util.List;

import org.apache.shiro.crypto.hash.SimpleHash;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;

import com.blog.common.Constants;
import com.blog.core.http.HttpResult;
import com.blog.exception.KittyException;
import com.blog.pojo.SysRole;
import com.blog.pojo.SysUser;
import com.blog.service.SysRoleService;
import com.blog.service.SysUserService;
import com.blog.service.SysUserTokenService;
import com.blog.util.JSONUtils;
import com.blog.util.JWTUtil;
import com.blog.util.PasswordUtils;
import com.blog.vo.LoginBean;

import io.swagger.annotations.ApiOperation;

//登录控制器
@RestController
@RequestMapping("")
public class LoginController {
	
	@Autowired
	private SysUserService userService;
	
	@Autowired
	private SysUserTokenService userTokenService;
	
	@Autowired
	private SysRoleService sysRoleService;
	
	@ApiOperation(value = "查询记录(GET)", notes = "查询记录:http method is get", httpMethod = "POST")
	@RequestMapping(value = "sys/login",method=RequestMethod.POST)
	@ResponseBody
	public HttpResult login(@RequestBody String loginBean) throws Exception {
//        String username=loginBean.getUsername();
//        String password=loginBean.getPassword();
        String username=JSONUtils.getString(loginBean, "username");
        String password=JSONUtils.getString(loginBean, "password");
        if((username!=null && password!=null)){
        	// 获取用户密码混淆值
            SysUser user = userService.getByName(username);

            // 加密当前用户输入密码
            String encodePassword = new SimpleHash("MD5",password,ByteSource.Util.bytes(user.getSalt()),Constants.PASSWORD_HASH_INTERATIONS).toHex();

            if (!encodePassword.equals(user.getPassword())) {
                throw new KittyException("900");
            } else {
            	List<SysRole> roles = sysRoleService.listSysRoles(username);
            	userTokenService.createToken(user.getId(),JWTUtil.sign(username, encodePassword));
                return HttpResult.ok(JWTUtil.sign(username, encodePassword),roles);
			}
        }
        return HttpResult.error();
//        Subject currentUser = SecurityUtils.getSubject();
//		//判断当前用户是否已登录
//		if(currentUser.isAuthenticated() == false){
//			String token = JWTUtil.sign(username, password);
//			JWTToken jwtToken = new JWTToken(token);
//			try {
//				currentUser.login(jwtToken);
//			} catch (AuthenticationException e) {
//				e.getMessage();
//				e.printStackTrace();
//				System.out.println("登录失败");
//				return HttpResult.error("登录失败");
//			}
//		}
//		return HttpResult.ok("登录失败");
	}
	
	/** 	
	 * 验证用户密码
     * @param user
     * @param password
     * @return
     */
    public boolean match(SysUser user, String password) {
        return user.getPassword().equals(PasswordUtils.encrypte(password, user.getSalt()));
    }
	
    public static void main(String[] args) {
		String ps = "admin";
		System.out.println(new SimpleHash("MD5",ps,"YzcmCZNvbXocrsz9dm8e",2).toHex());
	}


}
